fix(lint): resolve 20 gocritic, eslint, and type safety issues

Backend (Go):
- Add named return parameters for improved readability
- Modernize octal literals (0755 → 0o755, 0644 → 0o644)
- Replace nil with http.NoBody in test requests (3 instances)
- Add error handling for rows.Close() in test helper
- Close HTTP response bodies in network tests (3 instances)

Frontend (React/TypeScript):
- Add Fast Refresh export suppressions for UI components
- Replace 'any' types with proper TypeScript types (6 instances)
- Add missing useEffect dependency (calculateScore)
- Remove unused variable in Playwright test

Testing:
- Backend coverage: 87.3% (threshold: 85%)
- Frontend coverage: 87.75% (threshold: 85%)
- All tests passing with race detection
- Zero type errors

Security:
- CodeQL scans: Zero HIGH/CRITICAL findings
- Trivy scan: Zero vulnerabilities
- Pre-commit hooks: All passing

frontend/src/api/__tests__/consoleEnrollment.test.ts

@@ -482,9 +482,10 @@ describe('consoleEnrollment API', () => {
 
       try {
         await consoleEnrollment.enrollConsole(payload)
-      } catch (e: any) {
+      } catch (e: unknown) {
         // Error message should NOT contain the key
-        expect(e.response?.data?.error).not.toContain('cs-enroll-sensitive-key')
+        const error = e as { response?: { data?: { error?: string } } }
+        expect(error.response?.data?.error).not.toContain('cs-enroll-sensitive-key')
       }
     })